Search Support

Avoid support scams. We will never ask you to call or text a phone number or share personal information. Please report suspicious activity using the “Report Abuse” option.

Learn More

invalid security certificate add exception button missing

  • 9 replies
  • 5 have this problem
  • 672 views
  • Last reply by cor-el

more options

The "add exception" button is missing...

The "add exception" button is missing...
Attached screenshots

Chosen solution

jscher2000 said

toiday said
Hey guys, I know why I have the error. I was asking about adding exception. The previous version used to give me the option to "add exception". After the upgrade, the button is missing.

This is not new behavior: if the site specifies Strict Transport Security, you cannot add an exception.

Traditionally, Firefox received that signal from the site on a previous visit, however at some point, Firefox also started applying HSTS to sites on a built-in list. I think they wanted themselves added to the list, but I haven't researched the history.

If you think the built-in list is causing this issue, you could try disabling it temporarily:

(1) In a new tab, type or paste about:config in the address bar and press Enter/Return. Click the button promising to be careful or accepting the risk.

(2) In the search box above the list, type or paste strict and pause while the list is filtered

(3) Double-click the network.stricttransportsecurity.preloadlist preference to switch the value from true to false

I don't know whether that takes effect immediately or after you shut down/restart Firefox, and/or whether you might also have to remove the SiteSecurityServiceState.txt file from your profile folder.

jscher2000 said

toiday said
Hey guys, I know why I have the error. I was asking about adding exception. The previous version used to give me the option to "add exception". After the upgrade, the button is missing.

This is not new behavior: if the site specifies Strict Transport Security, you cannot add an exception.

Traditionally, Firefox received that signal from the site on a previous visit, however at some point, Firefox also started applying HSTS to sites on a built-in list. I think they wanted themselves added to the list, but I haven't researched the history.

If you think the built-in list is causing this issue, you could try disabling it temporarily:

(1) In a new tab, type or paste about:config in the address bar and press Enter/Return. Click the button promising to be careful or accepting the risk.

(2) In the search box above the list, type or paste strict and pause while the list is filtered

(3) Double-click the network.stricttransportsecurity.preloadlist preference to switch the value from true to false

I don't know whether that takes effect immediately or after you shut down/restart Firefox, and/or whether you might also have to remove the SiteSecurityServiceState.txt file from your profile folder.

@jscher2000, the site I visit is an internal site and I have visit it quite often for years. So, this is new behavior.

I follow your recommendation with first changing 'network.stricttransportsecurity.preloadlist' to false and still not working. Then delete the site from SiteSecurityServiceState.txt after quit out of FireFox. That fixed it. Thanks for your advice!

Read this answer in context 👍 1

All Replies (9)

more options

Then you need to some how contact the site about the problem issuing it.

more options

"Strict Transport Security" is a signal the site previously sent to Firefox instructing it not to allow exceptions. Anyway, you should never need to add exceptions for well-run sites.

Is this the only site generating this error on your Firefox or is it part of a pattern?

Could you review this article to see whether it helps with tracking down the source of the problem: How to troubleshoot security error codes on secure websites.

If that doesn't help, do you want to mention what site it is?

more options

Do you get a certificate chain if you click the blue SEC_ERROR_UNKNOWN_ISSUER text?

  • always be cautious when you get an 'Untrusted' error message
  • never create a permanent exception without investigating the cause and only use this to inspect the certificate
more options

Hey guys, I know why I have the error. I was asking about adding exception. The previous version used to give me the option to "add exception". After the upgrade, the button is missing. If you look at this: https://support.mozilla.org/en-US/kb/troubleshoot-SEC_ERROR_UNKNOWN_ISSUER?as=u&utm_source=inproduct

You see there supposed to be a button "Add Exception..." right under the error code (see attached screenshot). I'm missing that button. It was there before the recent FireFox upgrade. I'm using FireFox on Mac BTW.

Modified by toiday

more options

toiday said

Hey guys, I know why I have the error. I was asking about adding exception. The previous version used to give me the option to "add exception". After the upgrade, the button is missing.

This is not new behavior: if the site specifies Strict Transport Security, you cannot add an exception.

Traditionally, Firefox received that signal from the site on a previous visit, however at some point, Firefox also started applying HSTS to sites on a built-in list. I think they wanted themselves added to the list, but I haven't researched the history.

If you think the built-in list is causing this issue, you could try disabling it temporarily:

(1) In a new tab, type or paste about:config in the address bar and press Enter/Return. Click the button promising to be careful or accepting the risk.

(2) In the search box above the list, type or paste strict and pause while the list is filtered

(3) Double-click the network.stricttransportsecurity.preloadlist preference to switch the value from true to false

I don't know whether that takes effect immediately or after you shut down/restart Firefox, and/or whether you might also have to remove the SiteSecurityServiceState.txt file from your profile folder.

more options

Can you clarify why you have this error and need to add an exception?

more options

cor-el said

Can you clarify why you have this error and need to add an exception?

The site I visit is an internal site so it doesn't have the proper cert. However, it's NOT a new site. I've been using it for years by add exception. Now, with the new version of FireFox, the option for adding exception is gone.

more options

Chosen Solution

jscher2000 said

toiday said
Hey guys, I know why I have the error. I was asking about adding exception. The previous version used to give me the option to "add exception". After the upgrade, the button is missing.

This is not new behavior: if the site specifies Strict Transport Security, you cannot add an exception.

Traditionally, Firefox received that signal from the site on a previous visit, however at some point, Firefox also started applying HSTS to sites on a built-in list. I think they wanted themselves added to the list, but I haven't researched the history.

If you think the built-in list is causing this issue, you could try disabling it temporarily:

(1) In a new tab, type or paste about:config in the address bar and press Enter/Return. Click the button promising to be careful or accepting the risk.

(2) In the search box above the list, type or paste strict and pause while the list is filtered

(3) Double-click the network.stricttransportsecurity.preloadlist preference to switch the value from true to false

I don't know whether that takes effect immediately or after you shut down/restart Firefox, and/or whether you might also have to remove the SiteSecurityServiceState.txt file from your profile folder.

jscher2000 said

toiday said
Hey guys, I know why I have the error. I was asking about adding exception. The previous version used to give me the option to "add exception". After the upgrade, the button is missing.

This is not new behavior: if the site specifies Strict Transport Security, you cannot add an exception.

Traditionally, Firefox received that signal from the site on a previous visit, however at some point, Firefox also started applying HSTS to sites on a built-in list. I think they wanted themselves added to the list, but I haven't researched the history.

If you think the built-in list is causing this issue, you could try disabling it temporarily:

(1) In a new tab, type or paste about:config in the address bar and press Enter/Return. Click the button promising to be careful or accepting the risk.

(2) In the search box above the list, type or paste strict and pause while the list is filtered

(3) Double-click the network.stricttransportsecurity.preloadlist preference to switch the value from true to false

I don't know whether that takes effect immediately or after you shut down/restart Firefox, and/or whether you might also have to remove the SiteSecurityServiceState.txt file from your profile folder.

@jscher2000, the site I visit is an internal site and I have visit it quite often for years. So, this is new behavior.

I follow your recommendation with first changing 'network.stricttransportsecurity.preloadlist' to false and still not working. Then delete the site from SiteSecurityServiceState.txt after quit out of FireFox. That fixed it. Thanks for your advice!

more options

Modified by cor-el